{% extends "site_base.html" %} {% load staticfiles %} {% load i18n %} {% block body_class %}template-blogpage{% endblock %} {% block head_title %}{{ page.title }}{% endblock %} {% block body %} {% block content %}
{{ main }}
{% if bad_token and request.user.is_authenticated %}You are already logged in. If you saw this issue whilst attempting to log in, you can to go to the Dashboard and continue using the site.
{% endif %} {% if no_referer %}{{ no_referer1 }}
{{ no_referer2 }}
{% endif %} {% if no_cookie %}{{ no_cookie1 }}
{{ no_cookie2 }}
{% endif %} {% if DEBUG %}Reason given for failure:
{{ reason }}{% endif %}
In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:
request
to the template's render
method.{% templatetag openblock %} csrf_token
{% templatetag closeblock %}
template tag inside each POST form that
targets an internal URL.CsrfViewMiddleware
, then you must use
csrf_protect
on any views that use the csrf_token
template tag, as well as those that accept the POST data.You're seeing the help section of this page because you have DEBUG =
True
in your Django settings file. Change that to False
,
and only the initial error message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting.
{% else %}{{ more }}
{% endif %}